• DDOS Prevention module

Good known required configuration

| apache 2.x

./configure --prefix=/srv/www --enable-access --enable-autoindex --enable-env --enable-info --enable-mime --enable-proxy --enable-status --enable-usertrack --enable-actions --enable-imap --enable-log_agent --enable-rewrite --enable-alias --enable-auth --enable-cgi --enable-dir --enable-include --enable-log_config --enable-mime_magic --enable-negotiation --enable-setenvif --enable-userdir --enable-define --enable-log_forensic --enable-ssl --enable-so --enable-dav

<VirtualHost *>
ServerAlias www.yourdomain.com
ServerName www.yourdomain.com
RewriteEngine  on
RewriteCond    %{HTTP_HOST}  ^yourdomain.com
RewriteRule    ^(.*)$        /www/$1 [L]
RewriteCond    %{HTTP_HOST}  ^www.*
RewriteRule    ^(.*)$        /www/$1 [L]
RewriteCond    %{HTTP_HOST}  ^(.*)\.yourdomain\.com
RewriteRule    ^(.*)$        /%1/$1 [L]
</VirtualHost>

RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.(gif|jpg|png)$ http://www.xyz.com/images/broken_image.jpg [R=301,L]

/srv/www/apache/bin/apxs -c -L/usr/local/lib/mysql -I/usr/local/include/mysql -lmysqlclient -lm -lz mod_auth_mysql.c

Alias /php-info /usr/local/apache/libexec/info.php
<Location /php-info>
   AuthUserFile /usr/local/apache/libexec/info.pw
    AuthGroupFile /dev/null
    AuthType Basic
    AuthName "PHP Info"
    require valid-user
</Location>

<Location /stats/>
AuthUserFile /usr/local/www/statspass
AuthName "Stats Admin"
AuthType Basic
Require valid-user
</Location>

| .htaccess

SecFilterEngine Off
SecFilterScanPOST Off

Action php-script /cgi-bin/php
AddHandler php-script .php

| .htaccess

RewriteEngine    on
RewriteCond    %{HTTP_REFERER} !^$
RewriteCond    %{HTTP_REFERER} !^http://([-a-z0-9]+\.)?xyz\.com [NC]   ## Do not allow
RewriteCond    %{HTTP_REFERER} !^http://([-a-z0-9]+\.)?pqr\.com [NC]     ## Do not allow
RewriteCond    %{HTTP_REFERER} !^http://([-a-z0-9]+\.)?abc\.org [NC]      ## Do not allow
RewriteRule    \.(gif|jpe?g|png|gif|bmp|jpe|mov|mpg|avi|mpeg|jpg)$ http://www.mnr.com [NC,L]   ## Allow

if you define above .htaccess to all your domain at global position.
you might need to exclude some domain to allow hotlinking to it use following line after second line.

| .htaccess

RewriteCond %{HTTP_HOST} !^www\.nmn\.com$ [NC]

| .htaccess

<Limit GET POST>
order allow,deny
allow from all
deny from .microsoft.com
deny from .evil-hackers.org
deny from 24.112.106.235
deny from morphine.wiretap.net
</Limit>

#!/usr/local/bin/perl
 
$www = $ENV{'SERVER_PORT'} ne "";
eval "use Compress::Zlib"; $hasCompress = $@ ? 0 : 1;
eval "use LWP"; $hasLWP = $@ ? 0 : 1;
eval "use LWP::Simple"; $hasLWPsimple = $@ ? 0 : 1;
if ($hasLWPsimple) {
        eval "use LWP::UserAgent";
        my $ua = LWP::UserAgent->new(timeout => 30);
        $u = "http://www.c3scripts.com/test/test.txt";
        $resp = $ua->request(HTTP::Request->new('GET', $u));
        $okLWP = $resp->content =~ /test\.pl/i;
}
eval "use CGI::Carp qw(fatalsToBrowser)"; $hasCGI = $@ ? 0 : 1;
$w = 16; $f = "<b>%" . $w . "s</b> : %s\n"; $f2 = " " x $w . " & %s\n";
print "Content-type: text/html\n\n<html><body><pre>" if ($www);
printf $f, "test.pl", "v6.01.18";
printf $f, "Perl", "v$]";  
printf $f, "CGI::Carp", ($hasCGI? "" : "not ") . "installed";
printf $f, "Compress::Zlib", ($hasCompress? "" : "not ") . "installed";
printf $f, "LWP", ($hasLWP? "v$LWP::VERSION " : "not ") . "installed";
printf $f, "LWP::Simple", ($hasLWPsimple? "" : "not ") . "installed";
printf $f, "LWP::Simple", "rx " . ($okLWP? "" : "not ") . "ok" if ($hasLWPsimple);
printf $f, "\@INC", $INC[0]; foreach $x (1..$#INC) { printf $f2, $INC[$x];}
foreach $x (sort split(",",
  "DOCUMENT_ROOT,SCRIPT_FILENAME,PATH_INFO,PATH_TRANSLATED,".
  "REQUEST_FILENAME,HTTP_HOST,SERVER_SOFTWARE"))
    { printf $f, $x, $ENV{$x} }
print "</pre></body></html>\n" if ($www);
1;

you can setup timezone using setting environment using TZ.

| .htaccess

SetEnv TZ Europe/London

To setup default notification email, you can also set based on directory.

| .htaccess

ServerSignature EMail
SetEnv SERVER_ADMIN user@domainname.com

There is two way to accomplish this task.

| .htaccess

SetEnvIfNoCase User-Agent "^libwww-perl" bad_bot
SetEnvIfNoCase User-Agent "^EmailWolf" bad_bot
SetEnvIfNoCase User-Agent "^ExtractorPro" bad_bot
SetEnvIfNoCase User-Agent "^CherryPicker" bad_bot
SetEnvIfNoCase User-Agent "^NICErsPRO" bad_bot
SetEnvIfNoCase User-Agent "^Teleport" bad_bot
SetEnvIfNoCase User-Agent "^EmailCollector" bad_bot
 
Order Allow,Deny
Allow from all
Deny from env=bad_bot

OR

| .htaccess

RewriteEngine On 
RewriteCond %{HTTP_USER_AGENT} ^libwww-perl [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Bot\ mailto:craftbot@yahoo.com [OR] 
RewriteCond %{HTTP_USER_AGENT} ^ChinaClaw [OR] 
RewriteCond %{HTTP_USER_AGENT} ^Custo [OR] 
RewriteRule ^.* - [F,L]

This will not ask you to download files.

| .htaccess

AddType application/octet-stream .pdf
AddType application/octet-stream .zip
AddType application/octet-stream .mov

This is useful in may stats.

| .htaccess

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.
RewriteRule ^(.*)$ http://www.%{HTTP_HOST}/$1 [R=301,L]

| .htaccess

RewriteEngine On
RewriteCond %{HTTP_HOST} ^domain.com
RewriteRule (.*) http://www.domain.com/$1 [R=301,L]

This help you to prevent IP pointing and help gaining ranking.

| .htaccess

RewriteEngine On
RewriteCond %{HTTP_HOST} !^(.*)\.domain\.com
RewriteRule (.*) http://www.google.com/search?hl=en&site=domain.com&q=domain.com&btnG=Search [R=301,L]

| httpd.conf

ProxyRequests Off
ProxyPass /video http://127.0.0.1:81/
ProxyPassReverse / http://127.0.0.1:81/

In light httpd simply follow the configuration as usual. OR Check link lightttpd

RewriteEngine On
RewriteRule ^(.*)\.(mp3|mov|mp4)$ http://www.xyz.com:81/Videos/$1.$2 [NC]